Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

207 New today

66,902 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

386

Jun 26

Jun 27

318

Jun 28

284

Jun 29

198

Jun 30

Critical

High

Medium

Low

Latest

CVE CVSS 5.3

Deadlock denial of service in USB CDC-NCM device class on TX enqueue failure_CVE-2026-10647

The USB CDC-NCM device class (subsys/usb/device_next/class/usbd_cdc_ncm.c) ignores the return value of usbd_ep_enqueue() in its ethernet transmit callback cdc_ncm_send(). When the enqueue fails, the function still calls k_sem_take(&data-sync_sem, K_FOREVER), blocking on a comp...

CVE-2026-10647 zephyrproject zephyr 4.1.0

Jun 29, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-8023	Path traversal in Zephyr HTTP server static-filesystem resource handler allows unauthenticated remote arbitrary file read_CVE-2026-8023 Zephyr's HTTP server (subsys/net/lib/http) provides a static-filesystem resource type (HTTP_RESOURCE_TYPE_STATIC_FS, available when CONFIG_FILE_SYS...	zephyrproject	zephyr 4.0.0	Jun 29, 2026	CVE
HIGH 8.1	CVE-2026-7656	Broken IPv6 Neighbor Discovery input validation allows spoofed RA/NS/NA acceptance in Zephyr net stack_CVE-2026-7656 The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (handle_ra_input, handle_ns_input, handle_na_input) used an incorrect boolean expr...	zephyrproject	zephyr 1.14.0	Jun 29, 2026	CVE
CRITICAL 10	745E87EB-2F7B-	Exploit for Improper Control of Dynamically-Managed Code Resources in Kidocode Crawl4Ai_745E87EB-2F7B-5DE3-8689-0B856028F54D CVE-2026-53753 — Crawl4AI Unauthenticated Remote Code Execution AST Sandbox Escape Pre-authentication RCE in Crawl4AI expression evaluator safeeval...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
CRITICAL 9.8	964E7791-B2DF-	Exploit for Authentication Bypass by Primary Weakness in Crushftp_964E7791-B2DF-59B8-81F3-BEFC914A712D CrushFTP 10.8.0 — CVE-2025-31161 Vulnerable Build Pre-built CrushFTP 10.8.0 binary for authorized penetration testing of CVE-2025-31161. !CAUTION T...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
CRITICAL 9.8	983CAFED-3C66-	Exploit for Authentication Bypass by Primary Weakness in Crushftp_983CAFED-3C66-576E-BB1A-B397A3A030D6 Ansible Role: CrushFTP CVE-2025-31161 Ludus An Ansible Role that deploys a vulnerable CrushFTP 10.8.0 instance on Windows for authorized penetratio...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
NONE	394EC506-B436-	Pentesting-Skill-For-Ai-Agent_394EC506-B436-5307-87F3-9DB6D187E8FE No description provided...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
HIGH 7.8	B815CF61-2540-	Exploit for Out-of-bounds Write in Netapp Bootstrap_Os_B815CF61-2540-5E4D-AAB8-F3976D79DF34 Security Notice: This repository contains working exploit code for educational and research purposes. Use responsibly and only on systems you own o...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
CRITICAL 10	65F73DD7-40DF-	Exploit for Improper Access Control in Widgetfactorylimited Jce_65F73DD7-40DF-5117-8110-BB18FDB3BD7C CVE-2026-48907 – Joomla JCE Unauthenticated Remote Code Execution RCE Severity: Critical CVSS 9.8 / CVSS v4 10.0 CVE: CVE-2026-48907 CWE: CWE-284 –...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
NONE	MSF:PAYLOAD-LINUX-	Linux Execute Command_MSF:PAYLOAD-LINUX-LOONGARCH64-EXEC- Execute an arbitrary command. Module Options msf use payload/linux/loongarch64/exec msf payloadexec show actions ...actions... msf payloadexec set ...	N/A	N/A	Jun 29, 2026	METASPLOIT

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Deadlock denial of service in USB CDC-NCM device class on TX enqueue failure_CVE-2026-10647

Recent Advisories

Path traversal in Zephyr HTTP server static-filesystem resource handler allows unauthenticated remote arbitrary file read_CVE-2026-8023

Broken IPv6 Neighbor Discovery input validation allows spoofed RA/NS/NA acceptance in Zephyr net stack_CVE-2026-7656

Exploit for Improper Control of Dynamically-Managed Code Resources in Kidocode Crawl4Ai_745E87EB-2F7B-5DE3-8689-0B856028F54D

Exploit for Authentication Bypass by Primary Weakness in Crushftp_964E7791-B2DF-59B8-81F3-BEFC914A712D

Exploit for Authentication Bypass by Primary Weakness in Crushftp_983CAFED-3C66-576E-BB1A-B397A3A030D6

Pentesting-Skill-For-Ai-Agent_394EC506-B436-5307-87F3-9DB6D187E8FE

Exploit for Out-of-bounds Write in Netapp Bootstrap_Os_B815CF61-2540-5E4D-AAB8-F3976D79DF34

Exploit for Improper Access Control in Widgetfactorylimited Jce_65F73DD7-40DF-5117-8110-BB18FDB3BD7C

Linux Execute Command_MSF:PAYLOAD-LINUX-LOONGARCH64-EXEC-

Protect Your Attack Surface with RedGem

Security Intelligence
Feed